Buffering data until encrypted destination is unlocked

ABSTRACT

A computer-implemented method for loading data into a secure storage volume may be provided. The method comprises receiving data to be stored on the secure storage volume, storing the received data in a buffer, and upon determining that the secure storage volume is unlocked, transferring the received data from the buffer to the secure storage volume in encrypted form.

BACKGROUND

The invention relates generally to a method for loading data into a secure storage volume, and more specifically, to a computer-implemented method for loading data into a secure storage volume which is locked and which may not have a direct user interface. The invention relates further to a related system for loading data into a secure storage volume, and a computer program product.

Storing large amounts of data continues to be a constant challenge not only for enterprises but also for SMB (small and medium business) and private computer users. Often, network attached storage (NAS) devices may be used to store data outside the actually used computer system. This may make data available to a group of users and may offload data not permanently required on, e.g., a mobile device. The data may then be accessed by authorized users—in particular those knowing the access credentials—via a network. A popular feature of NAS devices for home/small office solutions is a quick copy button. It allows attaching external storage—e.g., a disk or a memory card or a USB stick—to a port of the NAS device—typically a USB port or an SD slot—and copying its content to the predefined location of the NAS by just pressing a dedicated button on the NAS cover.

This may be very convenient, e.g., for copying photos from an SD card (secure digital memory card) without the requirement to use a computer as interfacing device.

Another popular option for such NAS devices is data encryption. Typically, NAS devices are headless—i.e., don't have any keyboard and/or a display—so users have to connect to the NAS device over a network from another computer to provide the required encryption password in order to unlock and access the volume. Another option may be that the password is stored in the NAS device, which makes it convenient—i.e., no need for manual action in case of reboot—but less secure. The individual disks of the NAS device may be encrypted, but in case of theft of the entire NAS, the data could be decrypted without a lot of effort.

Thus, users may have either convenience (one touch copy button) or security (encrypted volume, without any encryption key on the NAS device), but both options together—up to now—do not work at the same time. If it would be required to provide a password to unlock an encrypted volume, the one touch copy option may no longer be that convenient.

SUMMARY

According to one aspect of the present invention, a computer-implemented method for loading data into a secure storage volume may be provided. The method may comprise receiving data to be stored on the secure storage volume, storing the received data in a buffer, and upon determining that the secure storage volume is unlocked, transferring the received data from the buffer to the secure storage volume in encrypted form.

According to another aspect of the present invention, a related system for loading data into a secure storage volume may be provided. The system may comprise a secure storage volume adapted for storing data received by a receiving unit, a buffer adapted for intermediately storing the received data, a determination module adapted for determining that the secure storage volume is unlocked, and a transferring module adapted for: upon the determination by the determination module determining that the secure storage volume is unlocked, transferring the received data from the buffer to the secure storage volume in encrypted form.

Furthermore, embodiments may take the form of a related computer program product, accessible from a computer-usable or computer-readable medium providing program code for use, by, or in connection, with a computer or any instruction execution system. For the purpose of this description, a computer-usable or computer-readable medium may be any apparatus that may contain means for storing, communicating, propagating or transporting the program for use, by, or in connection, with the instruction execution system, apparatus, or device.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

It should be noted that embodiments of the invention are described with reference to different subject-matters. In particular, some embodiments are described with reference to method type claims, whereas other embodiments are described with reference to apparatus type claims. However, a person skilled in the art will gather from the above and the following description that, unless otherwise notified, in addition to any combination of features belonging to one type of subject-matter, also any combination between features relating to different subject-matters, in particular, between features of the method type claims, and features of the apparatus type claims, is considered as to be disclosed within this document.

The aspects defined above, and further aspects of the present invention, are apparent from the examples of embodiments to be described hereinafter and are explained with reference to the examples of embodiments, but to which the invention is not limited.

Preferred embodiments of the invention will be described, by way of example only, and with reference to the following drawings:

FIG. 1 shows a block diagram of an embodiment of the inventive computer-implemented method for loading data into a secure storage volume.

FIG. 2 shows a block diagram of a more implementation-near embodiment of the proposed concept.

FIG. 3 shows a block diagram of another implementation-near embodiment of the proposed concept.

FIG. 4 shows an embodiment of volumes with keys.

FIG. 5 shows a block diagram of an embodiment of the system for loading data into a secure storage volume.

FIG. 6 shows an embodiment of a computing system comprising the system according to FIG. 5.

DETAILED DESCRIPTION

In the context of this description, the following conventions, terms and/or expressions may be used:

The term ‘secure storage volume’ may denote a device or a part of a device—eventually only file system comprising data files—enabled to store data in a secured form, e.g., in encrypted form. The secure storage volume may store data non-volatile and persistently, i.e., if power is down for the secure storage volume or a related device, the data continue to be validly stored. If power comes back, the data will be re-accessible. In order to access the data of the secure storage volume, an access key may be required. The access key may at the same time be the encryption/decryption key using a symmetric encryption/decryption method.

The term ‘data’ may denote any type of information storable in form of text, images, sound, video, executable programs, archives, database or any other suitable format for electronic data.

The term ‘buffer’ may denote an intermediate storage. The buffer may also be available in form of a storage volume and may optionally allow an encryption of the stored data. The buffer may be implemented as part of the same device the secure storage volume is implemented, e.g., a NAS (network attached storage) or another persistent storage. The physical storage may be implemented using a hard drive or a solid state disk (SSD), e.g., in form of an NVRAM, as memristor or any other device allowing to build persistent storage devices. The buffer may also be denotable as buffer device or staging buffer.

The term ‘unlocked’ may denote that access to secured, protected data is granted to a user or system. The user or a system operated by a user (or another system) may require a password. Also 2-way-authentication principles may be implementable. The password used to unlock the device operable for the secure storage volume may, at the same time, be the encryption/decryption password for accessing the data. Thus, a symmetrical encryption/decryption key may be used.

The term ‘data in encrypted form’ may denote that the data have been encrypted and may only be accessible after a decryption. In cryptography, encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption does not itself prevent interference, but may deny the intelligible content to a would-be interceptor. In an encryption scheme, the intended information or message, referred to as plaintext, is encrypted using an encryption algorithm—a cipher—generating cipher text that may be read only if decrypted. For technical reasons, an encryption scheme may usually use a pseudo-random encryption key generated by an algorithm. It may in principle be possible to decrypt the message without possessing the key, but, for a well-designed encryption scheme, considerable computational resources and skills are required. An authorized recipient may easily decrypt the message with the key provided by the originator to recipients but not to unauthorized users.

The term ‘encryption key’ may denote a code to encode data in the sense of the previous paragraph.

The term ‘ad-hoc generated encryption key’ may denote, e.g., a pseudo-randomly generated encryption key, which may be generated “on the fly”, i.e., whenever it is needed. Any code may be used, because, for the proposed concept, the ad-hoc encryption key will never be used by a human operator or user.

The term ‘asymmetric key pair’ may denote any cryptographic system that uses pairs of keys: public keys which may typically be disseminated widely, and private keys which may be known only to the owner or authorized personnel (or systems). This may accomplish two functions: authentication, where the public key may verify that a holder of the paired private key sent the message, and encryption, where only the paired private key holder can decrypt the message encrypted with the public key; in the here proposed concept, this would be the intermediately stored received data in the buffer.

In a public key encryption system, any person or system may encrypt a message using the public key. That encrypted message may only be decrypted with the private key. To be practical, the generation of a public and private key-pair may be computationally economical. The strength of a public key cryptography system relies on the computational effort (work factor in cryptography) required to find the private key from its paired public key. Effective security only may require keeping the private key private (on the secure storage volume); the public key may be openly distributed without compromising security, here on the buffer or in another volatile storage of the related device.

The proposed computer-implemented method for loading data into a secure storage volume may offer multiple advantages and technical effects:

The proposed concept may enable conveniently importing data to an encrypted storage volume without significant degradation in security and performance. Even if the encrypted destination volume is locked, there is no need for a user to provide a password—in particular, the encryption/decryption key—or use any other authentication to import new data. The imported data may be stored on a staging device or staging volume outside of the destination encryption volume. When a user unlocks the encrypted secure volume, the data received may be flushed—after encryption—from the staging volume—in particular, the buffer—to the destination secure volume, e.g., a new subdirectory thereof.

Moreover, the application of the proposed concept is not limited to NAS devices, but may be applied to any other storage systems in mobile or other devices. Thus, the proposed concept combines the convenience of an easy data reception—e.g., via a one touch copy button—and the access security provided using encrypted volumes.

It may also be possible to encrypt the received data on an intermediate volume/device—i.e., the buffer—and secure its content against unauthorized access and not only encrypt the data on the secure storage volume. Thus, no received data may ever be stored in clear text format. And the storage device comprising the secure storage volume and the buffer may remain headless, i.e., without a dedicated user interface comprising a keyboard and a screen or similar.

In the following, additional embodiments of the proposed method—also applicable to the related system—will be described:

According to one preferred embodiment of the method, the secure storage volume may be unlocked by a received encryption key—e.g., received from a user—to be used to encrypt and decrypt data on the secure storage volume. The secure storage volume may be a component of, e.g., a NAS without a direct user interface (eventually, only via a web browser via another computer). If a user intends to access data on the secure storage volume, he may enter the key—e.g., an encryption/decryption key for the data on the secure storage volume—and may send it to the system managing the secure storage volume. For accessing the data on the secure storage volume, the system may use the key received and unlock the secure storage volume. In such a case, the key may also be used to encrypt the data on the buffer before transferring them to the secure storage volume. After such a process step, the originally received data, intermediately stored on/in the buffer, may be stored in encrypted form in/on the secure storage volume with the same key as the data that have already been stored there before. Thus, after that process, the data are consequently accessible like any other data on/in the secure storage volume (i.e., using the secret decryption key).

According to an advantageous embodiment of the method, the received data in the buffer may be encrypted using an encryption key available to the buffer. Such an encryption key may be stored in the device of the secure storage volume. The key may be set up during a setup procedure of the device. During normal operation of the device, managing the secure storage volume, the data on/in the buffer may be secured against unauthorized access. However, if the complete device of the secure storage volume—e.g., a comparably small NAS box—may be stolen, the data on/in the buffer may still be not directly accessible using the key stored in the device. However, also this potential weakness may be addressed as explained below.

According to another advantageous embodiment of the method, the received data in the buffer may be encrypted using an ad-hoc generated encryption key. Hence, a new ad-hoc encryption key may be generated every time new data may be received after each press on the “one-click” storage button. However, it may also be possible to use the ad-hoc generated encryption key for several chunks of received data, e.g., for a predefined number of received chunks or for a predefined timeframe, etc. The ad-hoc generated encryption key for the data of the buffer may also be stored in the device; hence, also with this mechanism a stolen NAS may render the data stored in encrypted form in/on the buffer as compromised. Alternatively, the ad-hoc generated encryption key may be stored remotely to the device. In such a case, not only the data on the secure storage volume, but also the data on/in the buffer may be safe against unauthorized access.

According to an additional alternative embodiment of the method, the ad-hoc generated encryption key—e.g., denoted as KEY1—may be stored in an encrypted form using an asymmetric key pair—in particular, public key PUB/private key PRV—which public portion may be stored unencrypted in the buffer and which private key portion—in particular PRV—may be stored on the secure storage volume—in particular in an encrypted form requiring the unlocking key KEY0 for the secure storage volume to re-establish the ad-hoc generated encryption key, i.e., KEY1. The public key PUB may be stored in the device or as part of the buffer during set-up in clear text form.

This way, it may be required to unlock the secure storage volume with the unlocking key KEY0 in order to access the private key portion PRV for decrypting the key required to decrypt temporary stored received data of the buffer to further encrypt these received data with the unlocking and encryption key KEY0 of the secure storage volume before storing the data on/in the secure storage volume. This way, a theft of the device, housing the buffer and the secure storage volume, keeps the data in the secure storage volume, as well as in the buffer inaccessible for un-authorized personnel.

According to optional embodiments of the method, the secure storage volume may be a storage volume of a storage device selected from the group comprising a network attached storage (NAS), a digital camera, a smartphone, a digital voice recorder, a surveillance system, or any other suitable storage device, allowing to define and to set up storage volumes. Optionally, such a storage device may also be operated by a cloud computing provider and may only be accessible via a wide area network.

According to one advantageous embodiment of the method, the buffer may also be a volume, and the buffer volume and the secure storage volume may be stored on a hard drive—or a group of hard drives—of a storage system. Furthermore, the buffer and the secure storage volume may also be arranged on a non-hard-drive device. Thus, the device may be realized using spinning disks and/or solid state devices/drives.

According to one preferred embodiment of the method, the received data in a buffer may be removed—in particular, automatically deleted—after the data from the buffer may have been transferred to the secure storage volume—in particular, in encrypted form. Thus, data may only be stored potentially in unencrypted form—in particular, in/on the buffer—as long as needed.

According to a further preferred embodiment of the method, the secure storage volume may be locked after the data from the buffer have been transferred to the secure storage. Such a locking of the secure storage volume may happen automatically if there is no continued authorized access to the data in/on the secure storage volume after finishing the transfer from the buffer to the secure storage volume. Thus, the access to the secure storage volume is “open” only as long as necessary.

In the following, a detailed description of the figures will be given. All instructions in the figures are schematic. Firstly, a block diagram of an embodiment of the inventive computer-implemented method for loading data into a secure storage volume is given. Afterwards, further embodiments, as well as embodiments of the system for loading data into a secure storage volume, will be described.

FIG. 1 shows a block diagram of an embodiment of the computer-implemented method 100 for loading data into a secure storage volume—in particular an encrypted secure storage volume. The method 100 comprises receiving, 102, data—e.g., from a USB stick or SD card—to be stored on the secure storage volume, e.g., in a NAS using a one touch button feature.

The method 100 also comprises storing, 104, the received data in a buffer, and upon determining that the secure storage volume becomes unlocked—e.g., by providing a password/the encryption key (KEY0)—transferring, 106, the received data from the buffer to the secure storage volume in encrypted form, in particular using the encryption key KEY0 to safely store the received data on the secure storage device. The determining the unlocked status of the secure storage volume may be implemented by checking the status in a loop process, by messaging technology or by using an interrupt.

It should also be mentioned that instead of the NAS a camera with a smart card may support the proposed concept. In such a case, the buffer would, e.g., be a part of the camera's memory and the smart card (SD=secure digital) memory card—usually used to store the images—is used as the secure storage device.

Alternatively, the same principle may be applied to a smartphone with, e.g., an SD card. E.g., the smartphone memory (i.e., part of it) may function as buffer and the smartcard may be instrumental as secure storage device. A user interface may be useful for entering the key KEY0 for the encryption of the data (e.g., images or other received data) and for triggering the transfer for the buffer to the secure storage device.

FIG. 2 shows a block diagram of a more implementation-near embodiment 200 of the proposed concept. New data 202 may become available to be stored securely. Firstly, it is determined, 204, whether the secure storage volume is unlocked. If that is the case—case “Y”—the data are written, 205, to the secure storage volume in encrypted form. If that is not the case—case “N”—the received data are firstly saved, 206, to a file (or more files) or sub-directory of a staging device, i.e., a buffer. In case it is determined that the secure storage volume has been unlocked—e.g., the encryption/access key (e.g., KEY0) has been received—the data in the buffer will automatically be transferred, 208, to the secure storage volume—in particular after encryption with the encryption key of the secure storage volume KEY0.

Optionally, the buffer can be cleared, 210, after the transferring the data and the secure storage volume can also be locked, 212, automatically—if no further access to the secure storage volume may be required—after the transfer is complete. The process ends in both cases at 214.

FIG. 3 shows a block diagram of another implementation-near embodiment 300 of a part of the proposed concept. Again, as in FIG. 2, new input data are received, 302. Then, it is determined, 304, whether the secure storage volume is unlocked. If that is the case—case “Y”—the data are directly written, 305, to the secure storage volume in encrypted form (using key KEY0).

If that is not the case—case “N”—an ad-hoc key K1 is generated, 306 (if it has not been generated before). This key K1 is then encrypted, 308, using a public portion PUB of a public/private key pair PUB/PRV. The key portion PUB may be available unencrypted, e.g., stored in the buffer or in another non-volatile memory of the related device. The private portion PRV may be stored in the secure storage device in encrypted form. Thus, data stored in encrypted form with key K1 may not be decrypted without having access to the encrypted key portion PRV as part of the secure storage volume which can only be unlocked by the access key KEY0.

Thus, the key KEY0—i.e., the access key to the secure storage volume—needs to be available to access the data on the buffer by decrypting the key K1 and by using K1 to decrypt the data on/in the buffer.

In any case, the encrypted key K1 and the key PUB are finally stored, 310, on the buffer. The key K1 (in unencrypted form) is also used to encrypt, 312, the received data for storing it on the buffer. In both cases, the sub-process ends at 314.

The transfer from the buffer 402 to the secure storage volume 404 is performed according to FIG. 2, with the additional step of decrypting K1, and with it—in encrypted form—to decrypt the data on/in the buffer. Then, the data are encrypted with the key KEY0 (ref.-num. 406) and stored on the secure storage volume 404.

A practical example may render the proposed concept more comprehensive:

1. A user buys a NAS with the invention implemented.
2. The user executes initialization/setup of the device. He chooses a key/passphrase “KEY0” for encrypting the encrypted volume. Also, a pair of asymmetrical keys is generated. The public key “PUB” is saved on the staging volume and the private key “PRV” is saved on the encrypted volume.
   - The staging volume/buffer comprises: PUB.
   - The secure storage volume (unlocked) contains: PRV.
3. The user locks the encrypted volume.
   - The buffer comprises: PUB.
   - The secure storage volume (locked) comprises: PRV.
4. The user uploads file DATA1 to the NAS. A random symmetrical key “KEY1” is generated. The file DATA1 is encrypted using key KEY1 and is stored as ENC_DATA1 on the buffer (also denotable as buffer volume). Key KEY1 is encrypted using key PUB and is stored as ENC_KEY1 in the buffer (also denotable as staging volume).
   - The buffer comprises: PUB, ENC_DATA1, ENC_KEY1;
   - The secure storage volume (locked) comprises: PRV.
5. The user uploads file DATA2 to the NAS. A random symmetrical key “KEY2” is generated. File DATA2 is encrypted using key KEY2 and is stored as ENC_DATA2 on the buffer. Key KEY2 is encrypted using key PUB and is stored as ENC_KEY2 on the buffer.
   - The buffer comprises: PUB, ENC_DATA1, ENC_KEY1, ENC_DATA2, ENC_KEY2;
   - The secure storage volume (locked) comprises: PRV.
6. The user unlocks the secure storage volume using KEY0 (typically, remembered by a user).
   - The buffer comprises: PUB, ENC_DATA1, ENC_KEY1, ENC_DATA2, ENC_KEY2;
   - The secure storage volume (unlocked) comprises: PRV.
7. The user flushes/transfers the data to the secure storage volume.
   - 7.1. PRV key is used to decrypt ENC_KEY1 into plain KEY1. KEY1 key is used to decrypt ENC_DATA1 into plain DATA1. DATA1 gets stored on the secure storage volume. ENC_KEY1 and ENC_DATA1 are removed.
   - 7.2. PRV key is used to decrypt ENC_KEY2 into plain KEY2. KEY2 key is used to decrypt ENC_DATA2 into plain DATA2. DATA2 gets stored on the encrypted volume. ENC_KEY2 and ENC_DATA2 are removed.
   - The buffer comprises: PUB.
   - The secure storage volume (unlocked) comprises: PRV, DATA1, DATA2.
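The key handling of steps 2 to 7 above, as an added Go example that is not part of the original text. The cipher choices (AES-256-GCM, RSA-2048 with OAEP), the treatment of KEY0 as a 32-byte key, and the names `Setup`, `Stage`, `Flush`, `Staged`, `seal` and `open` are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// seal encrypts with AES-GCM under a fresh random nonce, which it prepends.
func seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key) // rejects keys that are not 16/24/32 bytes
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// open reverses seal; it fails on a wrong key or on modified data.
func open(key, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(sealed) < 12 { // 12 = standard GCM nonce size
		return nil, fmt.Errorf("bad key length or truncated blob")
	}
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, sealed[:12], sealed[12:], nil)
}

// Staged is one buffered upload: ENC_KEYn and ENC_DATAn (hypothetical type).
type Staged struct{ EncKey, EncData []byte }

// Setup (step 2) returns PUB for the buffer and PRV sealed under KEY0 for the
// secure volume. KEY0 itself is never stored on the device.
func Setup(key0 []byte) (*rsa.PublicKey, []byte, error) {
	prv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	encPRV, err := seal(key0, x509.MarshalPKCS1PrivateKey(prv))
	return &prv.PublicKey, encPRV, err
}

// Stage (steps 4-5) is the one-touch copy while the volume is locked: PUB only.
func Stage(pub *rsa.PublicKey, data []byte) (Staged, error) {
	key1 := make([]byte, 32) // ad-hoc key, fresh per upload
	if _, err := rand.Read(key1); err != nil {
		return Staged{}, err
	}
	encKey, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key1, nil)
	if err != nil {
		return Staged{}, err
	}
	encData, err := seal(key1, data)
	return Staged{encKey, encData}, err
}

// Flush (steps 6-7): KEY0 opens PRV, PRV unwraps the ad-hoc key, and the data
// is re-sealed under KEY0. Delete the staged entry only after this succeeds.
func Flush(key0, encPRV []byte, s Staged) ([]byte, error) {
	der, err := open(key0, encPRV)
	if err != nil {
		return nil, fmt.Errorf("unlock failed: %w", err)
	}
	prv, err := x509.ParsePKCS1PrivateKey(der)
	if err != nil {
		return nil, err
	}
	key1, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, prv, s.EncKey, nil)
	if err != nil {
		return nil, err
	}
	data, err := open(key1, s.EncData)
	if err != nil {
		return nil, err
	}
	return seal(key0, data)
}

func main() {
	key0 := make([]byte, 32) // constructed KEY0; a real device would derive it with a KDF
	if _, err := rand.Read(key0); err != nil {
		panic(err)
	}
	pub, encPRV, err := Setup(key0)
	if err != nil {
		panic(err)
	}
	s, _ := Stage(pub, []byte("constructed sample: DATA1")) // volume still locked
	out, err := Flush(key0, encPRV, s)
	fmt.Println("sealed under KEY0:", len(out), "bytes, error:", err)
}
```

Because PUB is stored in clear text, a staged entry says nothing about who wrote it: the construction protects the confidentiality of buffered data, not its origin.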

FIG. 4 shows an embodiment 400 of volumes with keys. The buffer volume 402, as well as the secure storage volume 404 may be stored on/in a storage system—e.g., a hard drive or a solid-state disk, or comparable. However, it may also be possible to use more than one storage device—e.g., as part of the same NAS—to manage the buffer 402 and the secure storage volume 404.

The public/private key pair PUB/PRV 408/410 relate to each other as shown. The key PUB 410 may also be stored in other components of a related device. The key KEY0 is required to access the data encrypted on the secure storage volume 404. Additionally, the same key may be required to decrypt the key portion PRV 408 in order to decrypt K1 to be used for the decryption of the data 412 which have been encrypted in the buffer using the ad-hoc key K1, before the data are encrypted using the key KEY0 and stored on/in the secure storage volume 404.

FIG. 5 shows a block diagram of an embodiment of the system 500 for loading data into a secure storage volume 404 (compare FIG. 4). The system comprises the secure storage volume 404 adapted for storing data received by a receiving unit 502, a buffer 402 adapted for intermediately storing the received data, a determination module 504 adapted for determining that the secure storage volume is unlocked, and a transferring module 506 adapted for: upon the determination by the determination module determining that the secure storage volume 404 is unlocked, transferring the received data from the buffer to the secure storage volume 404 in encrypted form.

Embodiments of the invention may be implemented together with virtually any type of computer, regardless of the platform being suitable for storing and/or executing program code. FIG. 6 shows, as an example, a computing system 600 suitable for executing program code related to the proposed method.

The computing system 600 is only one example of a suitable computer system, and is not intended to suggest any limitation as to the scope of use or functionality of embodiments of the invention described herein, regardless, whether the computer system 600 is capable of being implemented and/or performing any of the functionality set forth hereinabove. In the computer system 600, there are components, which are operational with numerous other general purpose or special purpose computing system environments or configurations. Examples of well-known computing systems, environments, and/or configurations that may be suitable for use with computer system/server 600 include, but are not limited to, personal computer systems, server computer systems, thin clients, thick clients, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputer systems, mainframe computer systems, and distributed cloud computing environments that include any of the above systems or devices, and the like. Computer system/server 600 may be described in the general context of computer system-executable instructions, such as program modules, being executed by a computer system 700. Generally, program modules may include routines, programs, objects, components, logic, data structures, and so on that perform particular tasks or implement particular abstract data types. Computer system/server 600 may be practiced in distributed cloud computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed cloud computing environment, program modules may be located in both, local and remote computer system storage media, including memory storage devices.

As shown in the figure, computer system/server 600 is shown in the form of a general-purpose computing device. The components of computer system/server 600 may include, but are not limited to, one or more processors or processing units 602, a system memory 604, and a bus 606 that couples various system components including system memory 604 to the processor 602. Bus 606 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. By way of example, and not limiting, such architectures include Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA) bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnects (PCI) bus. Computer system/server 600 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by computer system/server 600, and it includes both, volatile and non-volatile media, removable and non-removable media.

The system memory 604 may include computer system readable media in the form of volatile memory, such as random access memory (RAM) 608 and/or cache memory 610. Computer system/server 600 may further include other removable/non-removable, volatile/non-volatile computer system storage media. By way of example only, a storage system 612 may be provided for reading from and writing to a non-removable, non-volatile magnetic media (not shown and typically called a ‘hard drive’). Although not shown, a magnetic disk drive for reading from and writing to a removable, non-volatile magnetic disk (e.g., a ‘floppy disk’), and an optical disk drive for reading from or writing to a removable, non-volatile optical disk such as a CD-ROM, DVD-ROM or other optical media may be provided. In such instances, each can be connected to bus 606 by one or more data media interfaces. As will be further depicted and described below, memory 604 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.

The program/utility, having a set (at least one) of program modules 616, may be stored in memory 604 by way of example, and not limiting, as well as an operating system, one or more application programs, other program modules, and program data. Each of the operating systems, one or more application programs, other program modules, and program data or some combination thereof, may include an implementation of a networking environment. Program modules 616 generally carry out the functions and/or methodologies of embodiments of the invention, as described herein.

The computer system/server 600 may also communicate with one or more external devices 618 such as a keyboard, a pointing device, a display 620, etc.; one or more devices that enable a user to interact with computer system/server 600; and/or any devices (e.g., network card, modem, etc.) that enable computer system/server 600 to communicate with one or more other computing devices. Such communication can occur via Input/Output (I/O) interfaces 614. Still yet, computer system/server 600 may communicate with one or more networks such as a local area network (LAN), a general wide area network (WAN), and/or a public network (e.g., the Internet) via network adapter 622. As depicted, network adapter 622 may communicate with the other components of computer system/server 600 via bus 606. It should be understood that, although not shown, other hardware and/or software components could be used in conjunction with computer system/server 600. Examples include, but are not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data archival storage systems, etc.

It may be noted that the computing system in the context of the proposed idea for the logging system may be headless, meaning that only network connections may be available, but no display, pointing device, or other direct user I/O components. Additionally, the system 500 for loading data into a secure storage volume may be attached to the bus system 606.

The descriptions of the various embodiments of the present invention have been presented for purposes of illustration, but are not intended to be exhaustive or limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skills in the art without departing from the scope and spirit of the described embodiments. The terminology used herein was chosen to best explain the principles of the embodiments, the practical application or technical improvement over technologies found in the marketplace, or to enable others of ordinary skills in the art to understand the embodiments disclosed herein.

The present invention may be embodied as a system, a method, and/or a computer program product. The computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.

The medium may be an electronic, magnetic, optical, electromagnetic, infrared or a semi-conductor system for a propagation medium. Examples of a computer-readable medium may include a semi-conductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk. Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read/write (CD-R/W), DVD and Blu-Ray-Disk.

The computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device. The computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. A non-exhaustive list of more specific examples of the computer readable storage medium includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disk read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing. A computer readable storage medium, as used herein, is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.

Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network. The network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. A network adapter card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.

Computer readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction-set-architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, or either source code or object code written in any combination of one or more programming languages, including an object-oriented programming language such as Smalltalk, C++ or the like, and conventional procedural programming languages, such as the “C” programming language or similar programming languages. The computer readable program instructions may execute entirely on the user's computer, partly on the user's computer as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider). In some embodiments, electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instructions by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.

Aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer readable program instructions.

These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.

The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatuses, or another device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatuses, or another device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.

The flowcharts and/or block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or act or carry out combinations of special purpose hardware and computer instructions.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to limit the invention. As used herein, the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will further be understood that the terms “comprises” and/or “comprising,” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

The corresponding structures, materials, acts, and equivalents of all means or steps plus function elements in the claims below are intended to include any structure, material, or act for performing the function in combination with other claimed elements, as specifically claimed. The description of the present invention has been presented for purposes of illustration and description, but is not intended to be exhaustive or limited to the invention in the form disclosed. Many modifications and variations will be apparent to those of ordinary skills in the art without departing from the scope and spirit of the invention. The embodiments are chosen and described in order to best explain the principles of the invention and the practical application, and to enable others of ordinary skills in the art to understand the invention for various embodiments with various modifications, as are suited to the particular use contemplated.

What is claimed is:
 1. A computer-implemented method for loading data into a secure storage volume, said method comprising: receiving data to be stored on said secure storage volume; storing said received data in a buffer; and upon determining that said secure storage volume is unlocked, transferring said received data from said buffer to said secure storage volume in encrypted form.
 2. The method according to claim 1, wherein said secure storage volume is unlocked by a received encryption key to be used to encrypt and decrypt data on said secure storage volume.
 3. The method according to claim 1, wherein said received data in said buffer are encrypted using an encryption key available to said buffer.
 4. The method according to claim 1, wherein said received data in said buffer are encrypted using an ad-hoc generated encryption key.
 5. The method according to claim 4, wherein said ad-hoc generated encryption key is stored in an encrypted form using an asymmetric key pair which public portion is stored unencrypted in said buffer and which private key portion is stored on said secure storage volume.
 6. The method according to claim 1, wherein said secure storage volume is a storage volume of a storage device selected from a group comprising a network attached storage, a digital camera, a smartphone, a digital voice recorder, a surveillance system.
 7. The method according to claim 1, wherein said buffer is a volume and wherein said buffer and said secure storage volume are stored on a hard drive of a storage system.
 8. The method according to claim 1, wherein received data in a buffer are removed after said data from said buffer are transferred to said secure storage volume.
 9. The method according to claim 1, wherein said secure storage volume is locked after said data from said buffer have been transformed to said secure storage.
 10. A system for loading data into a secure storage volume, said system comprising: a secure storage volume adapted for storing data received by a receiving unit; a buffer adapted for intermediately storing said received data; a determination module adapted for determining that said secure storage volume is unlocked; and a transferring module adapted for: upon said determination by said determination module determining that said secure storage volume is unlocked, transferring the received data from the buffer to the secure storage volume in encrypted form.
 11. The system according to claim 10, wherein said secure storage volume is unlockable by a received encryption key to be usable for an encryption and a decryption of data on said secure storage volume.
 12. The system according to claim 10, wherein said received data in said buffer are encrypted by an encryption key available to said buffer.
 13. The system according to claim 10, further comprising: a key generation unit adapted for generating an ad-hoc encryption key and for encrypting said received data in said buffer by said ad-hoc encryption key.
 14. The system according to claim 13, further comprising: a key storage module adapted for storing said ad-hoc generated encryption key in an encrypted form using an asymmetric key pair which public portion is stored unencrypted in said buffer and which private key portion is stored on said secure storage volume.
 15. The system according to claim 10, wherein said secure storage volume is a storage volume of a storage device from a group comprising at least one out of said group a network attached storage, a digital camera, a smartphone, a digital voice recorder, a surveillance system.
 16. The system according to claim 10, wherein said buffer is a volume and wherein the buffer and said secure storage volume are stored on a hard drive of a storage system.
 17. The system according to claim 10, wherein said buffer is also adapted for removing said received data from said buffer after transferring said received data to said secure storage volume.
 18. The system according to claim 10, wherein said secure storage volume is adapted to be lockable after said data from said buffer have been transformed to said secure storage.
 19. A computer program product for loading data into a secure storage volume, said computer program product comprising a computer readable storage medium having program instructions embodied therewith, said program instructions being executable by one or more computing systems or controllers to cause said one or more computing systems to: receive data to be stored on said secure storage volume; store said received data in a buffer; and upon determining that said secure storage volume is unlocked, transfer said received data from said buffer to said secure storage volume in encrypted form.
 20. The computer program product according to claim 19, wherein said secure storage volume is unlockable by a received encryption key to be usable for an encryption and a decryption of data on said secure storage volume.
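
The key handling of claims 4 and 5, together with the unlock condition of claim 1, can be sketched in Go as follows. This is an added example, not code from the patent. Assumptions: AES-256-GCM and RSA-OAEP as the primitives (the claims name none), the names `Sealed`, `NewVolumeKey`, `Receive` and `Flush`, and a nil private key standing in for the locked volume.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Sealed is one buffered item. AES-256-GCM and RSA-OAEP are this example's assumptions.
type Sealed struct{ WrappedKey, Nonce, Ciphertext []byte }

// NewVolumeKey makes the key pair: public half for the buffer, private for the volume.
func NewVolumeKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Receive runs while the volume is locked; it needs only the public key.
func Receive(pub *rsa.PublicKey, data []byte) (Sealed, error) {
	r := make([]byte, 44) // 32-byte ad-hoc AES key followed by a 12-byte GCM nonce
	if _, err := rand.Read(r); err != nil {
		return Sealed{}, err
	}
	key, nonce := r[:32], r[32:]
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return Sealed{}, err
	}
	blk, _ := aes.NewCipher(key) // cannot fail: key is always 32 bytes
	gcm, _ := cipher.NewGCM(blk)
	return Sealed{wrapped, nonce, gcm.Seal(nil, nonce, data, nil)}, nil
}

// Flush opens all items with the volume's private key; priv is nil while locked.
func Flush(priv *rsa.PrivateKey, items []Sealed) ([][]byte, error) {
	if priv == nil {
		return nil, errors.New("volume locked: data stays buffered")
	}
	out := make([][]byte, 0, len(items))
	for _, s := range items {
		key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, s.WrappedKey, nil)
		if err != nil || len(key) != 32 || len(s.Nonce) != 12 {
			return nil, errors.New("malformed buffer item")
		}
		blk, _ := aes.NewCipher(key) // length checked above
		gcm, _ := cipher.NewGCM(blk)
		pt, err := gcm.Open(nil, s.Nonce, s.Ciphertext, nil)
		if err != nil {
			return nil, err // GCM tag mismatch: item was altered in the buffer
		}
		out = append(out, pt)
	}
	return out, nil
}
```

`Flush` returns the plaintexts for the volume's own encryption layer to write. On any error it returns nothing, so the caller deletes buffered items (claim 8) only after a fully successful transfer.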